Can I be sued for failing to secure an email I didn't request?

Question

I work for a company that services schools across the US and we receive email communications from them all the time.

On occasion I receive emails with blocks such as the following in their signatures:

PRIVACY & CONFIDENTIALITY OF INFORMATION NOTICE: This communication may contain non-public, confidential, or legally privileged information intended for the sole use of the designated recipient (s). If you are not the intended recipient, or have received this communication in error, please notify the sender immediately by reply e-mail or by telephone and delete all copies of the communication, including attachments, without reading them or saving them to disk. If you are the intended recipient, you must secure the contents in accordance with all applicable state or federal requirements related to the privacy and confidentiality of information, including the FERPA and HIPAA Privacy guidelines.

Under Florida law, e-mail addresses, and all forms of communications, including e-mail communications, made or received in connection with the transaction of School Board business are public records, which must be retained as required by law and must be disclosed upon receipt of a public records request, except as may be excluded by federal or state laws. If you do not want your e-mail address released in response to a public records request, do not send electronic mail to this entity. Instead, contact this office by phone.

My question regards the tail ends of both paragraphs. In both cases is appears that I'd be subject to binding by law or reductions in my privacy due to an email I may never have requested. In particular the first paragraph suggests that a public entity could contact me(provided they intended to) and I can then become responsible for securing the contents of an email I may never have requested or anticipated.

The second paragraph seems to suggest that my email address could become public record if I responded to a message sent in error(it lacks the clause about intended recipient). It seems backwards to make my information public based on interacting at all with the sender of an email I received.

The precise question is this: Can this school cause me to come under the authority of Florida public records law or make me subject to disclosure agreement regarding the information simply by sending it to me? Is there any requirement for at least implied consent?

(In case it matters, I don't have any great need to do so, I'm just curious at the presumptive language used in the notice).

Edit: The linked answer provides information for one of the clauses and suggests a possible answer for the rest, but doesn't provide for the disclosure clause regarding my own email. I've edited the question to try to twine them together more clearly. The whole concern is the ability of another entity to essentially opt me into an agreement, wherein the only real consent is opening a communication I received to see what it might be.

Answer 1

The second paragraph actually says that your e-mail address will become public record if you send an e-mail message to them. That's because there's a Florida law that requires this. If you want to communicate with the school without your e-mail address appearing in the public record, you can call on the telephone, send postal mail, or visit in person.

The notice is precisely there to inform you of the fact that sending e-mail to the school will have this effect, and it helpfully mentions one of the ways you can avoid that outcome:

If you do not want your e-mail address released in response to a public records request, do not send electronic mail to this entity. Instead, contact this office by phone.

If you think about the nature and purpose of public records laws, you will perhaps understand why the Florida law does not speak of consent or allow those corresponding with affected entities to opt out. If that were possible, then people who were conducting improper business with the public entities would withhold consent or otherwise opt out, making the public records law useless in the service of its goal of increasing transparency in government.

Answer 2

As phoog correctly states, if you reply to an email from a state agency, the entire message minus statutorily restricted information is subject to disclosure under Florida public records law, as long as the record (portion) is not exempted (confidential information may be redacted). It is reasonable to think (based on a reading of things exempted) that an email address is non-exempt, but that is not absolutely guaranteed. You should read their statement in para 2 as an interpretation of what the law requires. That law does not require you to do anything, instead, the school will do something if they are told to.

The tail of the first paragraph is somewhat deceptive. Whether or not you are the intended recipient, you "must" secure the contents in accordance with all applicable law. They do not actually state that any law is applicable to you. HIPAA and FERPA do not impose any requirements on "ordinary folks", they impose requirements on state agencies, educational institutes, medical practitioners, and so on. But, you are not interacting with them as "ordinary folks", you are doing so in connection with a business, and businesses are regulated. So in fact there are restrictions, HIPAA and FERPA being prominent, on dealing with emails, intended or not, which contain confidential information.

Answer 3

The school is not binding you - the state is. All the school is doing is advising you of the legal obligations the state of Florida and the nation of the United States of America place on you.

States can do this because they have coercive power - that’s what laws are, obligations you have that you never consented to.

If you are physically beyond their jurisdiction they may have practical difficulties in enforcing their laws but your jurisdiction may cooperate with them to do so.